CVE-2024-4965 | D-Link DAR-7000-40 V31R02B1413C /useratte/resmanage.php load os command injection (SAP10354)

A vulnerability was found in D-Link DAR-7000-40 V31R02B1413C and classified as critical. This issue affects some unknown processing of the file /useratte/resmanage.php. The manipulation of the argument load leads to os command injection. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

The identification of this vulnerability is CVE-2024-4965. The attack may be initiated remotely. Furthermore, there is an exploit available.

Vendor was contacted early and confirmed immediately that the product is end-of-life. It should be retired and replaced.

It is recommended to replace the affected component with an alternative.

CVE-2024-4965 | D-Link DAR-7000-40 V31R02B1413C /useratte/resmanage.php load os command injection (SAP10354)

Related Posts

CVE-2024-41936 | Vonets VGA-1000 up to 3.3.23.6.9 path traversal (icsa-24-214-08)

CVE-2023-49337 | Concrete CMS up to 9.2.2 Admin Dashboard name cross site scripting

CVE-2024-24062 | springboot-manager 1.6 /sys/role cross site scripting

CVE-2024-5916 | Palo Alto PAN-OS/Cloud NGFW/Prisma Access cleartext storage in a file or on disk